Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Get ready for a BIG patch week

October 11th 2008 in Uncategorized

There will be 11 security bulletins – 4 critical, 6 important and 1 moderate.  Further details will be released when the patches are released.

Critical Security Bulletins
============================

AD Bulletin

  – Affected Software:
    – Active Directory on Microsoft Windows 2000 Server
      Service Pack 4

    – Impact: Remote Code Execution

IE Bulletin

  – Affected Software:
    – Internet Explorer 5.01 Service Pack 4 on
      Microsoft Windows 2000 Service Pack 4
    – Internet Explorer 6 Service Pack 1 when installed on
      Microsoft Windows 2000 Service Pack 4
    – Internet Explorer 6 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    – Internet Explorer 6 for
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    – Internet Explorer 6 for
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    – Internet Explorer 6 for
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    – Internet Explorer 6 for
      Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    – Internet Explorer 7 for
      Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    – Internet Explorer 7 for
      Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    – Internet Explorer 7 for
      Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    – Internet Explorer 7 for
      Windows Server 2003 x64 Edition and
      Windows Server 2003 x64 Edition Service Pack 2
    – Internet Explorer 7 for
      Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium-based Systems
    – Internet Explorer 7 in
      Windows Vista and
      Windows Vista Service Pack 1
    – Internet Explorer 7 in
      Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    – Internet Explorer 7 in
      Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation not affected)
    – Internet Explorer 7 in
      Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation not affected)
    – Internet Explorer 7 in
      Windows Server 2008 for Itanium-based Systems

    – Impact: Remote Code Execution

HIS Bulletin

  – Affected Software:
    – Microsoft Host Integration Server 2000 Service Pack 2 (Server)
    – Microsoft Host Integration Server 2000 Administrator Client
    – Microsoft Host Integration Server 2004 (Server)
    – Microsoft Host Integration Server 2004 Service Pack 1 (Server)
    – Microsoft Host Integration Server 2004 (Client)
    – Microsoft Host Integration Server 2004 Service Pack 1 (Client)
    – Microsoft Host Integration Server 2006 for 32-bit Systems
    – Microsoft Host Integration Server 2006 for 64-bit Systems

    – Impact: Remote Code Execution

Excel Bulletin

  – Affected Software:
    – Microsoft Office Excel 2000 Service Pack 3
    – Microsoft Office Excel 2002 Service Pack 3
    – Microsoft Office Excel 2003 Service Pack 2
    – Microsoft Office Excel 2003 Service Pack 3
    – Microsoft Office Excel 2007
    – Microsoft Office Excel 2007 Service Pack 1
    – Microsoft Office 2004 for Mac
    – Microsoft Office 2008 for Mac
    – Open XML File Format Converter for Mac
    – Microsoft Office Excel Viewer 2003
    – Microsoft Office Excel Viewer 2003 Service Pack 3
    – Microsoft Office Excel Viewer
    – Microsoft Office Compatibility Pack for Word, Excel, and
      PowerPoint 2007 File Formats
    – Microsoft Office Compatibility Pack for Word, Excel, and
      PowerPoint 2007 File Formats Service Pack 1
    – Microsoft Office SharePoint Server 2007
    – Microsoft Office SharePoint Server 2007 Service Pack 1
    – Microsoft Office SharePoint Server 2007 x64 Edition
    – Microsoft Office SharePoint Server 2007 x64 Edition
      Service Pack 1

    – Impact: Remote Code Execution

Important Security Bulletins
============================

Windows 1 Bulletin

  – Affected Software:
    – Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    – Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    – Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    – Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    – Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems

    – Impact: Elevation of Privilege

Windows 2 Bulletin

  – Affected Software:
    – Microsoft Windows 2000 Service Pack 4
    – Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    – Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    – Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    – Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    – Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems
    – Windows Vista and
      Windows Vista Service Pack 1
    – Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    – Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    – Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    – Windows Server 2008 for Itanium-based Systems

    – Impact: Elevation of Privilege

Windows 3 Bulletin

  – Affected Software:
    – Microsoft Windows 2000 Service Pack 4
    – Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    – Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    – Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    – Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    – Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems
    – Windows Vista and
      Windows Vista Service Pack 1
    – Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    – Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    – Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    – Windows Server 2008 for Itanium-based Systems

    – Impact: Remote Code Execution

Windows 4 Bulletin

  – Affected Software:
    – Microsoft Windows 2000 Service Pack 4
    – Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    – Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    – Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    – Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    – Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems
    – Windows Vista and
      Windows Vista Service Pack 1
    – Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    – Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    – Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    – Windows Server 2008 for Itanium-based Systems

    – Impact: Remote Code Execution

Windows 5 Bulletin

  – Affected Software:
    – Windows XP Service Pack 2 and
      Windows XP Service Pack 3
    – Windows XP Professional x64 Edition and
      Windows XP Professional x64 Edition Service Pack 2
    – Windows Server 2003 Service Pack 1 and
      Windows Server 2003 Service Pack 2
    – Windows Server 2003 x64 Edition and
      Windows 2003 Server x64 Edition Service Pack 2
    – Windows Server 2003 with SP1 for Itanium-based Systems and
      Windows Server 2003 with SP2 for Itanium based Systems
    – Windows Vista and
      Windows Vista Service Pack 1
    – Windows Vista x64 Edition and
      Windows Vista x64 Edition Service Pack 1
    – Windows Server 2008 for 32-bit Systems
      (Windows Server 2008 Server Core installation affected)
    – Windows Server 2008 for x64-based Systems
      (Windows Server 2008 Server Core installation affected)
    – Windows Server 2008 for Itanium-based Systems

    – Impact: Elevation of Privilege

Windows 6 Bulletin

  – Affected Software:
    – Microsoft Windows 2000 Service Pack 4

    – Impact: Remote Code Execution

Moderate Security Bulletins
============================

Office Bulletin

  – Affected Software:
    – Microsoft Office XP Service Pack 3

    – Impact: Remote Code Execution


Comments are closed.

Cool!  I have no connection with and have never looked at Killanet, but Castlecops is a forum dedicated to fighting malware, spyware, phishing and spamming (very effectively, I may add) and there are quite a few “Consumer Security” MVPs who have made their home there over the years (including me, although I have not been […]

Previous Entry

Yes, I know this report has been around for quite a few days, but I prefer to let things shake out and wait to see what comes to light before writing, especially when the original information is from a “tipster”. At first, the report was kind of surprising, considering Jellycloud had apparently raised many […]

Next Entry

Archives